This post is dedicated to all of you running your church’s website in the choir robe closet, or who have been graced with a generous and geeky member who has taken advantage of one of those cheap, unmanaged dedicated server deals advertised at places like WebHostingTalk:
As the author plainly states, “This list is not comprehensive, nor does [he] take any responsibility for any harm that may come to your server if you use any of these commands.” That said, I found this a very good “quick reference” for those of you thinking about running or leasing your own Linux/Apache server.
Along with the tips found on Richy’s site, here are some other things to worry about, each with a link to some other helpful “Security for Newbies” type page:
- Plan first, Implement Second
- Close All Unused Ports
- Minimize Privileges
- Protecting the Boot Process
- Turn off all unused services.
- Check your system logs, OFTEN!
- Remove Stale and Unnecessary Accounts
- Scanning your system for rootkits (modified binaries)
- Remove unnecessary programs (“rpm -qa”)
- Keep up with your operating system’s Security announcements
- Scan/Attack your own system
- Enforce a strong password policy
Now if this hasn’t scared you out of running your own server in the basement of your church or charity (and I’m hoping it does),
then may suggest, no … I COMMAND YOU to go buy and then read “Hacking Linux Exposed” before you take the dive.
How ’bout some of you other pros out there. I’m sure I’ve missed something. Leave a comment, add to the list.